PRZOOM - /newswire/ -
Dubai, UAE, United Arab Emirates, 2011/12/20 - ComGuard introduces the latest version of Acunetix Web Vulnerability Scanner 8 beta to optimise the web security in the Middle East region.
ComGuard, a Dubai based leading value added distributor for IT security products and solutions in the Middle East and North Africa region today announced the launch of the latest version of Acunetix Web Vulnerability Scanner 8 beta to optimise the web security in the Middle East region.
Mohammad Mobasseri, Sr. Vice President, ComGuard FZ LLC, said “The version 8 of the Acunetix Web Vulnerability Scanner has been optimised to make life easier at every stage of a security scan. WVS is easier to use for web admins and security analysts alike with enhanced automation, ability to save scan settings as a template to avoid reconfiguration, and multiple instance support for simultaneous scans of several websites. WVS 8 also ushers in a new exciting co-operation between Acunetix and Imperva: developers of the industry’s leading Web Application Firewall which will help to secure the organizations in the Middle East region.”
The key new features for Acunetix Web Vulnerability Scanner 8 are mentioned below:
Manipulation of inputs from URLs
Acunetix WVS can automatically detect URL parameters and manipulate them to detect vulnerabilities. This technology is not present in any other competing vulnerability scanner.
Automatic IIS 7 rewrite rule interpretation
Using the web application’s web.config file, WVS 8 can automatically interpret rewrite rules without requiring any manual input.
Support for custom HTTP headers
To function correctly, some web applications need incoming requests to contain specific HTTP headers. It is now possible to define custom HTTP headers to be used during automated scans.
Imperva Web Application Firewall integration
An exciting co-operation between Imperva and Acunetix: WVS 8 scan results can be automatically imported into an Imperva Web Application Firewall and interpreted as rules.
New vulnerability class: HTTP Parameter Pollution
At the time of writing, Acunetix WVS 8 is the only scanner that tests for this security vulnerability.
Multiple instance support
Acunetix WVS 8 can be relaunched as multiple instances on the same machine, allowing the user to scan multiple websites and opening up further support for multi-user scenarios on the same server/workstation.
Accessible via a web interface, the new Scheduler allows administrators to download scan results from any workstation, laptop, or smartphone. The new Scheduler will automatically launch another instance of WVS when multiple web scans are due, preventing multiple processes from depending on the resources of one WVS instance and thereby allowing scans to complete in less time.
Automatic custom 404 error page recognition and detection
Acunetix WVS 8 can automatically determine if a custom error page is in use and recognizes it without requiring any custom 404 recognition patterns to be configured for a scan
Scan settings templates
WVS 8 now allow the settings for the scan of a specific application to be saved as individual templates, making it quick and easy to recall the exact settings for a website each time it is scanned. This is particularly useful when scanning multiple sites, allowing the user to load the template for each site instead of re-configuring all the settings manually.
Simplified Scan Wizard
In addition to the introduction of Scan Settings Templates and automatic custom 404 error page recognition, the Scan Wizard contains far less options so it’s much easier and quicker to kick off a scan.
Smart memory management
The following settings have been added to ensure even the most complex scans will complete automatically, and successfully:
• Define number of files per directory
• Limit number of subdirectories per website
• Assign Crawler memory limit
Real-time Crawler status
Crawler data is now updated in real-time information and provides live feedback how many files have been crawled, how many inputs have been detected, and more.
Scan termination status included in report
Reports now include the termination or completion status of each vulnerability scan. For example: the report will display if the scan was completed successfully or halted manually.
Web application coverage report
A new report template that lists all the web application files crawled and specific vulnerability tests performed on each file.
Log file retention
It is now possible to define the retention span before log files are automatically flushed; to ensure logs are not deleted each time WVS is restarted.
Significant WVS 8 improvement:
Improved web security check scripts
• All security check scripts have been optimized to reduce false positives even further
• The scanner checks for the latest variants of vulnerability classes like XSS, SQL injection, and more.
Comguard FZ LLC is one of the leading Value added Distributors in the IT security space and has a reach across the Middle East and North Africa region. The company was established in 2002 and is headquartered in Dubai, UAE. Comguard is a part of Spectrum Group which is engaged in IT networking, security training and consultancy. Hence, the biggest strength for Comguard is the skill sets which has made it one of the fastest growing Value added Distributors in the region and has been recognized by several awards from vendors and industry platforms like Top 5 Value added Distributors by Reseller Middle East magazine and the Choice of Channel Award from VAR MEA magazine.